Tuesday, 28 April 2015, NEW YORK, NY - The New York Times entire editorial board today endorses in the face of a "top national security threat" the Pentagon's newly released 33-page cybersecurity strategy (the "Strategy") in the absence of any meaningful comprehensive action by the Republican-controlled Congress on which President Obama has "given up" to address what U.S. Defense Secretary Ashton Carter last week warned were cyberthreats "increasing in severity and sophistication".
Some of the most notable recent cyberintrusions have been made by Russia into the Pentagon, State Department and White House as well as by North Korea in its 2014 corporate attack on Sony Pictures. A Russian White House attack last year although reportedly "only" into the White House unclassified computer system collected data including President Obama's email correspondence and in fact was "more intrusive and worrisome" than has been publicly acknowledged serving as a "chilling example" of the potential for deep penetration by cyberadversaries into government computers.
The Strategy in addition to being intended to send a warning directly to demonstrated cyberadversaries China, Russia, Iran and North Korea also lays out a broad framework for a comprehensive cyberdefense system responding to cyberthreats and cyberattacks on a scaled basis first by private business alone, in more serious cases with government assistance to private businesses from the Department of Homeland Security, in more serious cases yet by existing network defenses and law enforcement agencies such as the F.B.I. and finally in the most serious cases under order of the President the U.S. military could conduct operations to counter and presumably launch full U.S. cybersecurity retaliatory attacks to cause serious disruption, damage and destruction to adversaries' cybercapabilities with weapons now being developed in response to an "imminent or threatened attack against the U.S. homeland or U.S. interests in cyberspace".
Threats of "cybermilitarization" as raised here in recent previous posts including the potential for further serious unacceptable unconstitutional threats to the American people's privacy rights remain a concern although unlike the Congressional "cybersecurity" bill reported on recently here which on its face appeared to focus most on immunizing private business from liability the Strategy announced by the Pentagon apparently does not address that subject with its focus as expected and appropriate being directly on United States national cybersecurity interests. How "cybermilitarization" and concomitant privacy invasion concerns are addressed should be scrutinized as more particulars of the Strategy develop the public release of which is noted to be a belated welcome step toward government "transparency" in this critical area of the greatest importance to business and the public such that these and other concerns must be meaningfully addressed in the Strategy's implementation.
The Strategy's framework as solidified must address the coordination and various federal entities with current U.S. cybersecurity responsibilities including the National Security Agency, the Department of Homeland Security, the Central Intelligence Agency, the F.B.I. and the Pentagon. Considering the prominence given it with a photograph atop the below linked article and the sole mention of a federal agency in the recently proposed Congressional "cybersecuirty" bill being to it as well it would appear that significant cybersecurity information and response coordination responsibilities will fall with the previously obscure National Cybersecurity and Communications Integration Center in Arlington, Virginia.
In addition to the great number of cybersecurity workers currently employed by the government the Strategy is expected in coming years to increase military cybersecurity employment to 6,200 workers and cost billions of dollars annually. Readers interested in more information can go to the below link which also includes in it a direct link to the text of the 33-page Strategy publicly released by the Pentagon.
http://www.nytimes.com/2015/04/28/opinion/preparing-for-warfare-in-cyberspace.html
Copyright 2015 Martin P. All World Rights Expressly Reserved
Some of the most notable recent cyberintrusions have been made by Russia into the Pentagon, State Department and White House as well as by North Korea in its 2014 corporate attack on Sony Pictures. A Russian White House attack last year although reportedly "only" into the White House unclassified computer system collected data including President Obama's email correspondence and in fact was "more intrusive and worrisome" than has been publicly acknowledged serving as a "chilling example" of the potential for deep penetration by cyberadversaries into government computers.
The Strategy in addition to being intended to send a warning directly to demonstrated cyberadversaries China, Russia, Iran and North Korea also lays out a broad framework for a comprehensive cyberdefense system responding to cyberthreats and cyberattacks on a scaled basis first by private business alone, in more serious cases with government assistance to private businesses from the Department of Homeland Security, in more serious cases yet by existing network defenses and law enforcement agencies such as the F.B.I. and finally in the most serious cases under order of the President the U.S. military could conduct operations to counter and presumably launch full U.S. cybersecurity retaliatory attacks to cause serious disruption, damage and destruction to adversaries' cybercapabilities with weapons now being developed in response to an "imminent or threatened attack against the U.S. homeland or U.S. interests in cyberspace".
Threats of "cybermilitarization" as raised here in recent previous posts including the potential for further serious unacceptable unconstitutional threats to the American people's privacy rights remain a concern although unlike the Congressional "cybersecurity" bill reported on recently here which on its face appeared to focus most on immunizing private business from liability the Strategy announced by the Pentagon apparently does not address that subject with its focus as expected and appropriate being directly on United States national cybersecurity interests. How "cybermilitarization" and concomitant privacy invasion concerns are addressed should be scrutinized as more particulars of the Strategy develop the public release of which is noted to be a belated welcome step toward government "transparency" in this critical area of the greatest importance to business and the public such that these and other concerns must be meaningfully addressed in the Strategy's implementation.
The Strategy's framework as solidified must address the coordination and various federal entities with current U.S. cybersecurity responsibilities including the National Security Agency, the Department of Homeland Security, the Central Intelligence Agency, the F.B.I. and the Pentagon. Considering the prominence given it with a photograph atop the below linked article and the sole mention of a federal agency in the recently proposed Congressional "cybersecuirty" bill being to it as well it would appear that significant cybersecurity information and response coordination responsibilities will fall with the previously obscure National Cybersecurity and Communications Integration Center in Arlington, Virginia.
In addition to the great number of cybersecurity workers currently employed by the government the Strategy is expected in coming years to increase military cybersecurity employment to 6,200 workers and cost billions of dollars annually. Readers interested in more information can go to the below link which also includes in it a direct link to the text of the 33-page Strategy publicly released by the Pentagon.
http://www.nytimes.com/2015/04/28/opinion/preparing-for-warfare-in-cyberspace.html
Copyright 2015 Martin P. All World Rights Expressly Reserved
No comments:
Post a Comment